Claims 



What is claimed is: 

1. A method for enhancing the security of account-based transactions comprising the 
steps of: 

receiving a request for authorization from a merchant, the request for 
authorization including at least an account number and the amount of the 
transaction; 

identifying an account record associated with the received account number; 

determining whether the account record includes personal authorization criteria 
provided previously by the owner of the identified account; and 

using available personal authorization criteria to process the request for 
authorization. 

2. A method as set forth in claim 1 wherein the using step further includes the steps of: 

processing the request for authorization in accordance with any available personal 
authorization criteria relating to merchant-independent properties of the 
transaction; 

where the request cannot be processed using only personal authorization criteria 
relating to merchant-independent properties of the transaction, processing the 
transaction in accordance with any available merchant-specific criteria, otherwise 
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determining whether the account record contains personal authorization criteria 
for dealing with authorizations requested by previously-unidentified merchants; 
and 

where criteria are found dealing with previously-unidentified merchants, 
processing the request for authorization in accordance with said criteria. 

3. A method as set forth in either claim 1 or claim 2 further including the steps of: 

denying the request for authorization where the transaction fails to comply with 
applicable criteria; 

implementing a consequence-of-denial protocol upon denial of the request, said 
protocol specifying the actions to be taken upon denial. 

4. A method as set forth in claim 3 further including the step of notifying the account 
owner of the denial of authorization in accordance with notification requirements set forth 
in the consequence-of-denial protocol. 

5. A method as set forth in claim 4 wherein the personal authorization criteria relating to 
properties of the transaction includes criteria relating to the location of merchants for 
whom transactions may be authorized. 

6. A method as set forth in claim 4 wherein the personal authorization criteria relating to 
properties of the transaction includes criteria relating to classes of goods or services for 
which transactions may be authorized. 
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7. A method for enhancing the security of account-based transactions comprising the 
steps of: 

receiving a request for authorization from a merchant, the request for 
authorization including at least an account number and the amount of the 
transaction; 

identifying an account record associated with the received account number; 

determining whether the account record includes personal authorization criteria 
provided previously by the owner of the identified account; 

where personal authorization criteria relating to merchant-independent properties 
of the transaction is found, processing the request in accordance with such criteria; 

where no criteria relating to merchant-indpendent properties of the transaction is 
found or the request cannot be processed using only personal authorization criteria 
relating to merchant-independent properties of the transaction, processing the 
transaction in accordance with any available merchant-specific criteria, otherwise 
determining whether the account record contains personal authorization criteria 
for dealing with authorizations requested by previously-unidentified merchants; 

where criteria are found dealing with previously-unidentified merchants, 
processing the request for authorization in accordance with said criteria; and 

where transaction authorization is denied, determining whether the account record 
includes a consequences-of-denial protocol and implementing any such protocol 
found. 
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8* A system for enhancing the security of account-based transactions comprising: 

a communication system for receiving a request for authorization from a remote 
merchant, the request for authorization including at least an account number and 
the amount of the transaction; and 

an authorization system comprising 

a computer system for identifying an account record associated with the 
received account number, determining whether the account record includes 
personal authorization criteria provided previously by the owner of the 
identified account, and retrieving any authorization criteria stored as part 
of the account record, and 

a transaction processing system responsive to the presence of personal 
authorization criteria to process the request for authorization in accordance 
with said criteria, said transaction processing system being responsive to 
the absence of personal authorization criteria to process the request for 
authorization in accordance with previously established default criteria. 

9. A system as set forth in claim 8 wherein the personal authorization criteria includes 
criteria specific to particular merchants. 
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10. A system as set forth in claim 9 wherein the personal authorization criteria further 
includes criteria to be observed where the merchant requesting authorization is not the 
subject of merchant-specific criteria. 

1 1. A method of enhancing the security of account-based transactions comprising: 

storing default criteria for processing requests for authorization; 

establishing an account record for a particular account number; 

storing personal authorization criteria provided by the owner of the account in the 
account record; and 

processing requests for authorization in accordance with stored personal 
authorization criteria; otherwise processing such requests in accordance with 
stored default criteria. 
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